Embed Size (px)
Citation preview
NHSmail
Office 365 Hybrid
NHSmail is provided by NHS Digital in partnership with Accenture
Functional Comparison
May 2018
2
Overview
The NHSmail Office 365 Hybrid will enable greater collaboration by integrating the NHSmail Active Directory, Exchange and Skype for Business
services with Microsoft Office 365 (O365). This document provides an outline of the key features offered by the products and any known
limitations. The document has been produced to support health and care organisations make decisions about their IT roadmap and use of the
NHSmail Office 365 Hybrid.
The products outlined in the pack include:
• Azure Active Directory
• Office 365 Summary
• Exchange
• Teams
• SharePoint
• OneDrive
• Yammer
• Delve
• StaffHub
• Power BI
Further comments are provided throughout the document on any additional key information and anticipated product behaviours for the NHSmail
Office 365 Hybrid.
3
NHSmail Office 365 Hybrid Approach
NHSmail will provision and configure a central O365 tenant. Synchronising the NHSmail Active Directory with Microsoft Azure AD will
enable users to sign into NHSmail, O365 and other Azure services using their NHSmail user name and password.
Organisations will be able to enrol and manage their O365 users within NHSmail via the existing NHSmail Portal. The Portal will be
developed to include O365 administration features, including the ability to assign licenses, enable applications and create SharePoint Sites.
There will be no change to the NHSmail Exchange and
Skype for Business services which will remain outside of the
O365 tenant and continue to be hosted within the NHSmail
data centres in England.
O365 services will be hosted in the UK or EU data centres in
accordance with the recently published guidance on off-
shoring data and the use of public cloud services here.
4
NHSmail Office 365 Hybrid Key Benefits
Fastest and lowest effort way to
onboard to Office365 – allowing
benefits to occur more quickly and
minimises cost of local IT support
Instant regional and national
collaboration across 80% of NHS
organisations without needing to
set up individual local sharing
relationships
Access to market leading
collaboration products to improve
productivity
Nationally managed collaboration solution reducing need for local management/support
Significantly reducing onboarding lead time from months to days, as onboarding is managed via the NHSmail Portal against identities
already established in the national NHS Directory.
Identities already established in the national NHS Directory, access to all O365 services is quick without requiring a costly local project
to provision a dedicated tenant
Allows local ownership of licenses whilst enabling use of a national collaboration platform
Consistent experience for IT support teams via the existing central portal hub for support of mail or O365 collaboration services
5
Azure Active Directory
The NHSmail Active Directory has been synchronised with Azure Active Directory in order to enable delivery of the Office 365 services. This
also supports:
• Authentication to other Azure Services
• Authentication to other services that support open standards (OAuth and OpenID)
Users will see no change to how they currently access NHSmail and organisations will not incur additional license costs from
synchronisation with Azure AD.
NHSmail to Azure AD synchronisation is part of the long-term vision to realise greater collaboration across the wider health and care
system. Synchronisation will introduce content and identity sharing between organisations and across government departments and will
support the ability to integrate with third party applications. This will reduce the burden of managing different credentials for each system by
leveraging the NHSmail username and password.
6
The illustration below outlines the key differences between joining the NHSmail Office 365 Hybrid versus
the off-the-shelf Office 365 offering.
Further Information1Office 365 Groups will be created and managed via NHSmail Portal 2Skype for Business Enterprise Voice is not currently available on the NHSmail Service3Larger mailbox quotas can be purchased from the NHSmail Additional Services Catalogue
FeaturesNHSmail
Office 365
Local
Office 365
National NHS Directory
Dedicated, national, user facing helpdesk
Enhanced tenant service management wrapper
Instant access to NHSmail integrated platform
Advanced mail threat protection as standard
Portal management capability
Office 365 Groups1
Skype for Business Instant Messaging & Presence
National Skype for Business instance2
F1 license mailbox size3
E3 license mailbox size3
E5 license mailbox size3
4GB
4GB
4GB
2GB
100GB
100GB
Office 365 and NHSmail
7
Further Information1Customised development via NHSmail Portal provides abilities to self-serve distribution group management2Provided as standard with NHSmail platform via Trend Micro 23/4NHSmail organisations integrate with local archiving solution or purchase additional mailbox quota top-ups5Office 365 Groups will be created and managed via NHSmail Portal
Features
NHSmail
Office 365Local Office 365
Send/receive, group mailbox, shared calendars
Secure outlook web mail access on any device
Self-service management of distribution groups1
and shared mailboxes
Advanced mail threat protection as standard2
Archiving Exchange Online-based Mailboxes3
Azure Information Rights Management
In-Place Hold and Litigation Hold
In-Place eDiscovery
Mailbox Size4
Office 365 Groups5
Data Loss Prevention
E1 E3 E5
2GB 50GB 100GB4GB
Exchange
8
Teams provides a team collaboration space including persistent chat, wiki and threaded chat capabilities.
Further Information
• To share and store files in a Teams conversation users will require access to SharePoint Online. To share and store files in a
Teams private chat users will require OneDrive for Business.
• If users aren't assigned and enabled with SharePoint Online licenses, they won't have OneDrive for Business storage in
Office 365. In his scenario, file sharing will continue to work in Teams Channels, but users are unable to share files in Chats
without OneDrive for Business storage in Office 365.
• Teams internal connectors can be configured by users
• Content (including person-to-person chats) is not archived by the NHSmail Service
• Teams within the Teams application will be created within the NHSmail Portal by Local Administrators.
End users will be able to self-manage the additional and removal of team members.
• Ad-hoc/unscheduled meetings are available on the NHSmail Hybrid.
Features
NHSmail
Office365
Local
Office365
Create teams
Join teams
Create channels
Create and view meetings
Modify profile picture
Add and configure external connectors
Group Chat
Person to Person Chat*
Teams
9
SharePoint provides document management, storage and collaboration capabilities.
Further Information
• Access to SharePoint Online will be managed by Local Administrators using the NHSmail Portal. SharePoint Site Owners will be
allocated within the NHSmail Portal. Site Owners will be responsible for managing the site directly within SharePoint.
• Standard storage limits for the O365 service will apply; 0.5 GB per licensed user of that organisation. Each site collection is capped
at 25 TB of storage and there is a single file upload limit of 15 GB.
• Local Administrators will be able to access reports on data usage for each site collection, however cannot manage storage quotas.
• Data Loss Prevention policies will be set nationally for the NHSmail tenant and applied to SharePoint Online.
• Storage allocation for SharePoint Online is managed separately from OneDrive for Business Site Collections created for each user.
• External SharePoint sharing outside of the NHSmail O365 tenant will be disabled in the first release.
• Integration of third party applications will be reviewed and can be integrated subject to alignment with the appropriate standards.
Features
NHSmail
Office 365
Local
Office 365
Create a SharePoint site collection
Assign SharePoint admins to manage services
Create and manage document libraries
Workflow management, lists and tables
SharePoint project sites
Presence lights from Skype for Business
SharePoint site mailboxes
Site access requests via email
SharePoint
10
OneDrive is a personal document storage space allowing users to store and access content from any
device.
Further Information:
• Each licensed user is allocated 1 TB of storage space by default.
• Organisations must have an active SharePoint Online subscription and must enable users of OneDrive for SharePoint.
• External sharing outside of the NHSmail O365 Tenant from OneDrive will be disabled globally for the first release of the
NHSmail O365 Hybrid service.
• Data Loss Prevention policies will be set nationally for OneDrive.
• Synchronisation of files from a local workstation desktop will require the OneDrive for Business sync app.
Features
NHSmail
Office 365
Local
Office 365
Access documents on any device
Upload and download files
See and sync files via OneDrive Sync client
Share files with other tenant users
Expanded administrative controls for sharing
OneDrive
11
Yammer provides the ideal platform for health care professionals to share ideas, experiences,
resources, and insights with each other.
Further Information
• The NHSmail O365 Hybrid tenant will not enable Yammer external access, external group access, third
party applications or sharing to non-NHSmail O365 Hybrid users in the first release
• Yammer-connected O365 groups will not be enabled as part of the first release.
Features
NHSmail
Office 365
Local
Office 365
Access tenant Yammer site pages
Create private/public groups, add/remove users
View activity streams, comments, likes
Follow contributors, view and post files
Manage Yammer profile and picture
Yammer
12
Delve is a web-based collaboration tool which helps users find and discover information relevant to them across all
Microsoft Office 365 products by pulling user content from Exchange, OneDrive for Business, SharePoint and
Yammer and presenting it in one place.
Further Information
• Permissions to view a user’s document is controlled via the user’s permissions in SharePoint Online and OneDrive for
Business. Delve discovers content based on these permissions and cannot change them.
• Features dependent on the Exchange Online integration are not supported by the NHSmail Office 365 Hybrid Service.
• Delve Boards will not show email attachment content as this is stored in the NHSmail Exchange. Only documents stored
in OneDrive and SharePoint will be visible due to the dependency on Exchange Online.
• Delve profile pictures will not appear in some part of the Delve application due to the dependency on Exchange Online.
Features
NHSmail
Office 365
Local
Office 365
Search for people, documents, or boards
View users contact card information
Follow and pin documents of interest
View recent activity and suggested content feed
View OneDrive and SharePoint documents
View mailbox attachments
DELVE
13
StaffHub is an online application that provides schedule and task management capability for frontline
workers. StaffHub enables easy creation, publishing and access to schedules; enabling workers to view
their schedules on the move.
Further Information
• Deployment of the mobile device application is the responsibility of local organisations
• StaffHub in-app chat will be available. Messages sent and received via the in-app chat tools are not stored by the
NHSmail Service.
Features
NHSmail
Office 365
Local
Office365
Create Schedule
View Schedule
Mobile Device Access
License Required
Request Change of Schedule
Authorise Change of Schedule
Send Announcements
In App Chat
StaffHub
14
Power BI is a suite of business analytics tools that deliver insights throughout your organisation.
Connect to hundreds of data sources, simplify data prep, and drive ad hoc analysis. Produce reports,
then publish them for your organisation to consume on the web and across mobile devices.
Further Information
• End users will be able to publish content packs to individual users, but not entire organisations.
• External sharing will be disabled on the national NHSmail Office 365 Hybrid Tenant
• Web publishing output will be disabled on the national NHSmail Office 365 Hybrid Tenant.
• SharePoint data sources will be available based on permissions that user has to access SharePoint content.
• Organisations will be able to access External AppSource Data Sources and authentic their own private accounts to
pull data from.
• PowerBI Premium (additional capacity nodes) will not be available vie the NHSmail O365 tenant.
• The PowerBI Free service will be available to any users of the NHSmail Hybrid Service regardless of their
assigned license type. Local Administrators will be able to enable the PowerBI Free service within the NHSmail
Portal. Free users can connect to all data sources through all connectivity options such as DirectQuery, live
connection and the use of the data gateway.
Features
NHSmail
Office 365
Local
Office 365
Build and publish custom reports
Manage report access permissions
Create content packs
Connect to local and on-premise data sources
Enable and use third party connectors
POWER BI
15
ADDITIONAL INFORMATION
Licensing & Registration
O365 licenses must be procured by NHS organisations directly from Microsoft or their License Reseller as they do today. O365 licenses will not
be available to procure through NHSmail. Organisations are not required to procure Azure AD licenses to consume the O365 service.
Registering your organisation to use the NHSmail O365 service will be via the NHSmail Portal where organisations can submit their O365
license details for allocation to the central NHSmail tenant.
Data & Security
The NHSmail central O365 tenant will be managed and supported by NHSmail and hosted by Microsoft from their data centres. Data in Azure AD
and O365 will be securely held by Microsoft in their UK and EU data centres.
More information on O365 data residency can be found here.
Service Support
Frontline support services for NHSmail O365 Hybrid will be provided by the existing national NHSmail Helpdesk. The Level 1 Helpdesk will
provide initial triage of contacts and raise faults to Level 2 teams as required. The Level 2 team will support faults and issues that can be
resolved within the central O365 tenant admin centre. Faults beyond this will be passed directly to Microsoft and be subject to their standard SLA
and process for O365 services. There is no charge to Hybrid users for this centrally provided service uplift.
